Donate to e Foundation | Murena handsets with /e/OS | Own a part of Murena! Learn more

Unverified Commit 914603d8 authored by Tom Marshall's avatar Tom Marshall Committed by Michael Bestas
Browse files

recovery: Allow bypassing signature verification on non-release builds 

For non-release (userdebug, eng) builds, when signature verification
fails, ask the user whether they wish to install anyway.

[aleasto]
Rewritten to minimize the diff footprint for maintainability

Change-Id: I950ad455e6f698cabe348f0482eb64287cc88a08
parent db1d2f96

install/install.cpp

+6 −1
Original line number Diff line number Diff line
@@ -54,12 +54,15 @@ 
#include "otautil/paths.h"

#include "otautil/sysutil.h"

#include "private/setup_commands.h"

#include "recovery_ui/device.h"

#include "recovery_ui/ui.h"

#include "recovery_utils/roots.h"

#include "recovery_utils/thermalutil.h"



using namespace std::chrono_literals;



bool ask_to_continue_unverified(Device* device);



static constexpr int kRecoveryApiVersion = 3;

// We define RECOVERY_API_VERSION in Android.mk, which will be picked up by build system and packed

// into target_files.zip. Assert the version defined in code and in Android.mk are consistent.
@@ -540,8 +543,10 @@ static InstallResult VerifyAndInstallPackage(Package* package, bool* wipe_cache, 
  // Verify package.

  if (!verify_package(package, ui)) {

    log_buffer->push_back(android::base::StringPrintf("error: %d", kZipVerificationFailure));

    if (!ui->IsTextVisible() || !ask_to_continue_unverified(ui->GetDevice())) {

        return INSTALL_CORRUPT;

    }

  }



  // Verify and install the contents of the package.

  ui->Print("Installing update...\n");

recovery.cpp

+9 −0
Original line number Diff line number Diff line
@@ -169,6 +169,15 @@ static bool yes_no(Device* device, const char* question1, const char* question2) 
  return (chosen_item == 1);

}



bool ask_to_continue_unverified(Device* device) {

  if (get_build_type() == "user") {

    return false;

  } else {

    device->GetUI()->SetProgressType(RecoveryUI::EMPTY);

    return yes_no(device, "Signature verification failed", "Install anyway?");

  }

}



static bool ask_to_wipe_data(Device* device) {

  std::vector<std::string> headers{ "Format user data?", "This includes internal storage.", "THIS CANNOT BE UNDONE!" };

  std::vector<std::string> items{ " Cancel", " Format data" };

recovery.h

+2 −0
Original line number Diff line number Diff line
@@ -22,3 +22,5 @@ 
#include "recovery_ui/device.h"



Device::BuiltinAction start_recovery(Device* device, const std::vector<std::string>& args);



std::string get_build_type();

recovery_main.cpp

+1 −1
Original line number Diff line number Diff line
@@ -77,7 +77,7 @@ static bool IsDeviceUnlocked() { 
  return "orange" == android::base::GetProperty("ro.boot.verifiedbootstate", "");

}



static std::string get_build_type() {

std::string get_build_type() {

  return android::base::GetProperty("ro.build.type", "");

}

recovery_ui/device.cpp

+1 −0
Original line number Diff line number Diff line
@@ -74,6 +74,7 @@ static void PopulateMenuItems() { 
}



Device::Device(RecoveryUI* ui) : ui_(ui) {

  ui->SetDevice(this);

  PopulateMenuItems();

}